Another day, another piece of malware gets into the Google Play Store and proceeds to be downloaded more than 500,000 times. This malware is called Andr/HiddnAd-AJ, and it has been distributed inside a series of apparently harmless apps – specifically six QR code readers and one ‘smart compass’ app – before finally being pulled down by Google. So check if you recently installed a QR code reader, as you may have installed some malware into your device.
This piece of malware bypassed Google’s security checks by hiding the malicious code and delaying its initial burst of malicious actions. Once the infected app is installed, the malware will wait for six hours before it begins to flood the user with full screen ads, opening ads on webpages, and sending various notifications containing ad-related links.
Because of the usability of the carrier apps, this allowed the hackers to get a huge number of people to download said apps. Andr/HiddnAd-AJ is thought to have infected at least a million users, and potentially many more.
Despite Google’s failure to detect this malware – among others it has failed to detect – we still recommend that Android users download apps from the Play Store. The few malware that slip by Google’s security checks is still acceptable in view of the huge number of malware it detects and stops from being installed on your device.
SOURCE: Sophos
